<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="../../../../style.css" type="text/css" media="screen">
<link rel="stylesheet" href="../../../../print.css" type="text/css" media="print">
<meta content="OAuthBaseService,com.photobucket.webapi.oauth.OAuthBaseService,oauth_consumer_key,oauth_consumer_secret,oauth_signature_method,oauth_token,oauth_token_secret,oauth_version,oauth_nonce,oauth_timestamp,createUID,getBaseString,getEncodedURL,getSignature,signRequest" name="keywords">
<title>com.photobucket.webapi.oauth.OAuthBaseService</title>
</head>
<body>
<script type="text/javascript" language="javascript" src="../../../../asdoc.js"></script><script type="text/javascript" language="javascript" src="../../../../cookies.js"></script><script type="text/javascript" language="javascript">
<!--
				asdocTitle = 'OAuthBaseService - Photobucket Open API AS3 Client Library';
				var baseRef = '../../../../';
				window.onload = configPage;
			--></script>
<table style="display:none" id="titleTable" cellspacing="0" cellpadding="0" class="titleTable">
<tr>
<td align="left" class="titleTableTitle">Photobucket Open API AS3 Client Library Documentation</td><td align="right" class="titleTableTopNav"><a onclick="loadClassListFrame('../../../../all-classes.html')" href="../../../../package-summary.html">All&nbsp;Packages</a>&nbsp;|&nbsp;<a onclick="loadClassListFrame('../../../../all-classes.html')" href="../../../../class-summary.html">All&nbsp;Classes</a>&nbsp;|&nbsp;<a onclick="loadClassListFrame('../../../../index-list.html')" href="../../../../all-index-A.html">Index</a>&nbsp;|&nbsp;<a href="../../../../index.html?com/photobucket/webapi/oauth/OAuthBaseService.html&amp;com/photobucket/webapi/oauth/class-list.html" id="framesLink1">Frames</a><a onclick="parent.location=document.location" href="" style="display:none" id="noFramesLink1">No&nbsp;Frames</a></td><td rowspan="3" align="right" class="titleTableLogo"><img alt="Adobe Logo" title="Adobe Logo" class="logoImage" src="../../../../images/logo.jpg"></td>
</tr>
<tr class="titleTableRow2">
<td align="left" id="subTitle" class="titleTableSubTitle">Class&nbsp;OAuthBaseService</td><td align="right" id="subNav" class="titleTableSubNav"><a href="#propertySummary">Properties</a>&nbsp;| <a href="#methodSummary">Methods</a></td>
</tr>
<tr class="titleTableRow3">
<td colspan="2">&nbsp;</td>
</tr>
</table>
<script type="text/javascript" language="javascript">
<!--
if (!isEclipse() || window.name != ECLIPSE_FRAME_NAME) {titleBar_setSubTitle("Class OAuthBaseService"); titleBar_setSubNav(false,true,false,false,false,false,true,false,false,false,false,false,false,false);}
--></script>
<div class="MainContent">
<table cellspacing="0" cellpadding="0" class="classHeaderTable">
<tr>
<td class="classHeaderTableLabel">Package</td><td><a onclick="javascript:loadClassListFrame('class-list.html')" href="package-detail.html">com.photobucket.webapi.oauth</a></td>
</tr>
<tr>
<td class="classHeaderTableLabel">Class</td><td class="classSignature">public class OAuthBaseService</td>
</tr>
<tr>
<td class="classHeaderTableLabel">Inheritance</td><td class="inheritanceList">OAuthBaseService <img class="inheritArrow" alt="Inheritance" title="Inheritance" src="../../../../images/inherit-arrow.gif"> flash.events.EventDispatcher</td>
</tr>
<tr>
<td class="classHeaderTableLabel">Subclasses</td><td><a href="../service/PhotobucketService.html">PhotobucketService</a></td>
</tr>
</table>
<p></p>
  Class that contains the nessecary mechanisms to sign OAuthRequest objects and convert them to URLReqeustObjects. Most API implemations will extend this class and override its
  properties for its own unique variations from the OAuth1.0 spec.  There are several areas in the OAuth1.0 spec that are open to interpitation and so these specific funcitons
  mught actually requre that an override be needed.  It extends the EventDispatcher to allow for several different styles of a service to be implmented from this class.
  
  In regards to areas open to interpitation of the 
   This implementation only supports HMAC-SHA1 signatures.
   This implmeentaiton does not include the Content-Disposition elements of the file being uploaded as apart of the OAuthSignature. 
  
  This pakage depends on "As3 Crypto Framework 1.3" that can be found at http://crypto.hurlant.com/
  
  <p></p>
<br>
<hr>
</div>
<a name="propertySummary"></a>
<div class="summarySection">
<div class="summaryTableTitle">Public Properties</div>
<table id="summaryTableProperty" class="summaryTable " cellpadding="3" cellspacing="0">
<tr>
<th>&nbsp;</th><th colspan="2">Property</th><th class="summaryTableOwnerCol">Defined&nbsp;by</th>
</tr>
<tr class="">
<td class="summaryTablePaddingCol">&nbsp;</td><td class="summaryTableInheritanceCol">&nbsp;</td><td class="summaryTableSignatureCol"><a class="signatureLink" href="#oauth_consumer_key">oauth_consumer_key</a> : String<div class="summaryTableDescription">
   Consumer Key:  A value used by the Consumer to identify itself to the Service Provider.</div>
</td><td class="summaryTableOwnerCol">OAuthBaseService</td>
</tr>
<tr class="">
<td class="summaryTablePaddingCol">&nbsp;</td><td class="summaryTableInheritanceCol">&nbsp;</td><td class="summaryTableSignatureCol"><a class="signatureLink" href="#oauth_consumer_secret">oauth_consumer_secret</a> : String<div class="summaryTableDescription">
   Consumer Secret: A secret used by the Consumer to establish ownership of the Consumer Key.</div>
</td><td class="summaryTableOwnerCol">OAuthBaseService</td>
</tr>
<tr class="">
<td class="summaryTablePaddingCol">&nbsp;</td><td class="summaryTableInheritanceCol">&nbsp;</td><td class="summaryTableSignatureCol"><a class="signatureLink" href="#oauth_token">oauth_token</a> : String = ""<div class="summaryTableDescription"> 
   Acess Token/Reuest Token:
   
   Access Token: A value used by the Consumer to gain access to the Protected Resources on behalf of the User, instead of using the User’s Service Provider credentials.</div>
</td><td class="summaryTableOwnerCol">OAuthBaseService</td>
</tr>
<tr class="">
<td class="summaryTablePaddingCol">&nbsp;</td><td class="summaryTableInheritanceCol">&nbsp;</td><td class="summaryTableSignatureCol"><a class="signatureLink" href="#oauth_token_secret">oauth_token_secret</a> : String = ""<div class="summaryTableDescription">
    Token Secret: A secret used by the Consumer to establish ownership of a given Token.</div>
</td><td class="summaryTableOwnerCol">OAuthBaseService</td>
</tr>
</table>
</div>
<a name="methodSummary"></a>
<div class="summarySection">
<div class="summaryTableTitle">Public Methods</div>
<table id="summaryTableMethod" class="summaryTable " cellpadding="3" cellspacing="0">
<tr>
<th>&nbsp;</th><th colspan="2">Method</th><th class="summaryTableOwnerCol">Defined&nbsp;by</th>
</tr>
<tr class="">
<td class="summaryTablePaddingCol">&nbsp;</td><td class="summaryTableInheritanceCol">&nbsp;</td><td class="summaryTableSignatureCol">
<div class="summarySignature">
<a class="signatureLink" href="#createUID()">createUID</a>():String</div>
<div class="summaryTableDescription">[static]
   Returns a unique id to use a a noonce.</div>
</td><td class="summaryTableOwnerCol">OAuthBaseService</td>
</tr>
</table>
</div>
<script type="text/javascript" language="javascript">
<!--
showHideInherited();
--></script>
<div class="MainContent">
<a name="propertyDetail"></a>
<div class="detailSectionHeader">Property detail</div>
<a name="oauth_consumer_key"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_consumer_key</td><td class="detailHeaderType">property</td>
</tr>
</table>
<div class="detailBody">
<code>public var oauth_consumer_key:String</code><p>
   Consumer Key:  A value used by the Consumer to identify itself to the Service Provider.
   </p></div>
<a name="oauth_consumer_secret"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_consumer_secret</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>public var oauth_consumer_secret:String</code><p>
   Consumer Secret: A secret used by the Consumer to establish ownership of the Consumer Key.
   </p></div>
<a name="oauth_nonce"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_nonce</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_nonce:String</code>&nbsp;&nbsp;[read-only]<p>
   Nonce: The Consumer SHALL then generate a Nonce value that is unique for all requests with that timestamp. 
   A nonce is a random string, uniquely generated for each request. The nonce allows the Service Provider to verify that a 
   request has never been made before and helps prevent replay attacks when requests are made over a non-secure channel (such as HTTP).
   </p><span class="label">Implementation</span>
<br>
<code>&nbsp;&nbsp;&nbsp;&nbsp;oauth_internal function get oauth_nonce():String</code>
<br>
</div>
<a name="oauth_signature_method"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_signature_method</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal var oauth_signature_method:String = "HMAC-SHA1"</code><p>
    Signature Method:  The Consumer declares a signature method in the oauth_signature_method parameter, generates a signature, and stores it in the oauth_signature parameter.
    OAuth does not mandate a particular signature method, as each implementation can have its own unique requirements. The protocol defines three signature methods: HMAC-SHA1, RSA-SHA1, 
    and PLAINTEXT, but Service Providers are free to implement and document their own methods. Recommending any particular method is beyond the scope of this specification.  
   
    This Library supports only HMAC-SHA1
   </p></div>
<a name="oauth_timestamp"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_timestamp</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_timestamp:String</code>&nbsp;&nbsp;[read-only]<p>
   Timestamp:  Unless otherwise specified by the Service Provider, the timestamp is expressed in the number of seconds since January 1, 1970 00:00:00 GMT. 
   The timestamp value MUST be a positive integer and MUST be equal or greater than the timestamp used in previous requests.
   </p><span class="label">Implementation</span>
<br>
<code>&nbsp;&nbsp;&nbsp;&nbsp;oauth_internal function get oauth_timestamp():String</code>
<br>
</div>
<a name="oauth_token"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_token</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>public var oauth_token:String = ""</code><p> 
   Acess Token/Reuest Token:
   
   Access Token: A value used by the Consumer to gain access to the Protected Resources on behalf of the User, instead of using the User’s Service Provider credentials.
   Request Token: A value used by the Consumer to obtain authorization from the User, and exchanged for an Access Token.
   
   </p></div>
<a name="oauth_token_secret"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_token_secret</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>public var oauth_token_secret:String = ""</code><p>
    Token Secret: A secret used by the Consumer to establish ownership of a given Token.
   </p></div>
<a name="oauth_version"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">oauth_version</td><td class="detailHeaderType">property</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal var oauth_version:String = "1.0"</code><p>
    Version:  The version of the oauth potocol that us being used
    This libary only supports 1.0
   </p></div>
<a name="methodDetail"></a>
<div class="detailSectionHeader">Method detail</div>
<a name="createUID()"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">createUID</td><td class="detailHeaderParens">()</td><td class="detailHeaderType">method</td>
</tr>
</table>
<div class="detailBody">
<code>public static function createUID():String</code><p>
   Returns a unique id to use a a noonce. Logic coppied from the Flex framework
   but redefined here to remove the dependency on the Flex Framework
   </p><p></p>
<span class="label">Returns</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20"></td><td><code>String</code></td>
</tr>
</table>
</div>
<a name="getBaseString()"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">getBaseString</td><td class="detailHeaderParens">()</td><td class="detailHeaderType">method</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal function getBaseString(request:<a href="IOAuthRequest.html">IOAuthRequest</a>):String</code><p>
   Generates the base string for the signature process
   </p><span class="label">Parameters</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20px"></td><td><code><span class="label">request</span>:<a href="IOAuthRequest.html">IOAuthRequest</a></code></td>
</tr>
</table>
<p></p>
<span class="label">Returns</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20"></td><td><code>String</code></td>
</tr>
</table>
</div>
<a name="getEncodedURL()"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">getEncodedURL</td><td class="detailHeaderParens">()</td><td class="detailHeaderType">method</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal function getEncodedURL(url:String):String</code><p>
   getEncoded URL: encodes the URL of the request to meet the reqiurements of the API as it is used as part of the BaseString to generate the oauth_signature.
   Some large service providers might have some additional requirments around how this URL needs be formated as the API may traverse multiple domains.  In which
   case override the URL encoding function to accomplish this task.
   </p><span class="label">Parameters</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20px"></td><td><code><span class="label">url</span>:String</code></td>
</tr>
</table>
<p></p>
<span class="label">Returns</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20"></td><td><code>String</code></td>
</tr>
</table>
</div>
<a name="getSignature()"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">getSignature</td><td class="detailHeaderParens">()</td><td class="detailHeaderType">method</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal function getSignature(request:<a href="IOAuthRequest.html">IOAuthRequest</a>, method:String = "HMAC-SHA1"):String</code><p>
   The function generates the signature of the request for a given method.  This function only implements HMAC-SHA1 currently.
   
   The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] 
   (Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” .) 
   where the Signature Base String is the text and the key is the concatenated values (each first encoded per 
   Parameter Encoding (Parameter Encoding)) of the Consumer Secret and Token Secret, separated by an ‘&’ character 
   (ASCII code 38) even if empty.
   
   If this is not a protected resource the TokenSecret is treated as an empty string.
   
   </p><span class="label">Parameters</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20px"></td><td><code><span class="label">request</span>:<a href="IOAuthRequest.html">IOAuthRequest</a></code></td>
</tr>
<tr>
<td class="paramSpacer">&nbsp;</td>
</tr>
<tr>
<td width="20px"></td><td><code><span class="label">method</span>:String</code> (default = "<code>HMAC-SHA1</code>")<code></code></td>
</tr>
</table>
<p></p>
<span class="label">Returns</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20"></td><td><code>String</code></td>
</tr>
</table>
</div>
<a name="signRequest()"></a>
<table cellspacing="0" cellpadding="0" class="detailHeader">
<tr>
<td class="detailHeaderName">signRequest</td><td class="detailHeaderParens">()</td><td class="detailHeaderType">method</td><td class="detailHeaderRule">&nbsp;</td>
</tr>
</table>
<div class="detailBody">
<code>oauth_internal function signRequest(request:<a href="IOAuthRequest.html">IOAuthRequest</a>):void</code><p>
   signRequest:  The purpose of signing requests is to prevent unauthorized parties from using the Consumer Key and Tokens when making Token requests or Protected Resources requests. 
   The Service Provider verifies the signature as specified in each method. When verifying a Consumer signature, the Service Provider SHOULD check the request nonce to ensure
    it has not been used in a previous Consumer request.
   
   No parameters should be added to the request once it has been signed
   
   </p><span class="label">Parameters</span>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="20px"></td><td><code><span class="label">request</span>:<a href="IOAuthRequest.html">IOAuthRequest</a></code></td>
</tr>
</table>
</div>
<br>
<br>
<hr>
<br>
<p></p>
<center class="copyright"> 
</center>
</div>
</body>
</html>
<!-- -->
